Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/erri3JleOESIGmMd7EJhK0-oC3I.roa
File: erri3JleOESIGmMd7EJhK0-oC3I.roa (raw, json)
Hash identifier: 1OY84m8VN3TsnCiGtI57omSJexOtSdvCrJmohkYdvoM=
Subject key identifier: 7A:BA:E2:DC:99:5E:38:44:88:1A:63:1D:EC:42:61:2B:4F:A8:0B:72
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C329DA268A09B7450CD6DC53263C79
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/erri3JleOESIGmMd7EJhK0-oC3I.roa
Signing time: Mon 02 Jan 2023 09:14:53 +0000
ROA not before: Mon 02 Jan 2023 09:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212123
IP address blocks: 185.133.211.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:29:da:26:8a:09:b7:45:0c:d6:dc:53:26:3c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7abae2dc995e3844881a631dec42612b4fa80b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6d:a0:3e:70:58:3e:af:42:ff:c2:c6:d2:ce:
7c:43:2d:c7:4f:0d:87:1a:e5:5e:cc:2f:b9:63:b9:
53:00:90:9f:37:0d:b0:88:bb:a8:e4:70:58:7f:c6:
84:86:f0:19:b2:56:e2:7e:4b:20:ae:5d:59:0d:c7:
a4:22:19:ab:3e:3f:a1:fe:fa:31:6d:33:17:d8:67:
69:2a:18:fc:6f:46:98:d0:10:e8:14:65:84:8c:93:
de:ae:e7:21:d9:f3:98:cf:0a:2e:80:5f:73:67:40:
d7:0e:e6:42:73:f4:f0:8d:90:c0:47:6c:b7:54:5d:
79:c7:24:51:3c:b1:cf:fb:3a:58:2d:8a:99:92:26:
bd:b9:93:f8:db:49:93:c6:56:de:b5:ac:3c:5a:90:
a5:94:c4:85:fc:d8:ad:fc:a8:5c:1f:b9:11:a9:40:
c7:88:47:39:4b:ec:f3:d2:f6:0b:af:a8:8a:59:d5:
d9:f7:b1:05:d1:e3:65:fd:00:50:63:aa:fe:c4:c4:
70:b7:c6:71:98:62:21:bb:8c:60:51:f8:76:3f:4a:
02:77:bd:0d:d3:e4:15:84:64:a5:c8:9c:90:53:16:
7c:f6:e4:8b:90:4d:ad:c4:69:0f:c7:3d:90:c7:60:
d1:fa:03:c8:dd:6c:35:68:fc:5c:f1:23:35:66:fb:
9a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BA:E2:DC:99:5E:38:44:88:1A:63:1D:EC:42:61:2B:4F:A8:0B:72
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/erri3JleOESIGmMd7EJhK0-oC3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.211.0/24
Signature Algorithm: sha256WithRSAEncryption
22:3c:58:3b:3d:54:47:77:ac:0e:2f:3f:d0:99:d3:04:91:83:
c8:ab:bd:b6:16:66:b5:3c:fe:3b:df:51:d0:84:72:ba:d3:dd:
d1:ae:32:ce:a3:ff:f5:1f:54:b1:70:7f:95:c1:1a:d1:bc:20:
1c:b7:e0:55:58:11:57:dc:2d:36:be:d0:8b:42:78:04:18:7e:
02:37:83:86:02:cf:5d:d7:d7:1b:c2:b3:0e:d8:09:d6:92:bf:
99:c4:a6:d4:ef:d2:39:e5:56:34:b2:4c:c2:c7:bc:91:4f:f9:
89:a6:d1:f5:91:46:e1:88:fb:59:09:1d:36:0e:6f:f5:4d:7e:
b9:27:b2:69:44:82:2d:cb:42:de:c4:e8:28:ef:2d:42:0c:4c:
42:a2:e6:bc:fc:65:c2:e9:65:b1:b8:34:e7:1f:b6:2c:68:48:
17:5c:8d:03:f0:61:6e:ec:e6:ce:b7:e0:98:81:4f:4e:3e:08:
2c:f2:ef:46:a4:ba:55:0a:40:af:b6:e4:f8:00:b8:36:ec:ae:
a0:d5:83:cc:a1:89:53:12:cc:43:7b:41:7b:ed:16:83:29:33:
07:98:70:4f:08:f3:6b:25:30:f7:d7:14:34:f3:1f:ee:f5:3a:
25:01:e9:52:18:a1:f8:90:6c:40:cc:6a:a1:b0:da:c1:cf:12:
20:3f:2d:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxwynaJooJt0UM1txTJjx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJhZTJkYzk5NWUzODQ0ODgxYTYzMWRlYzQyNjEyYjRmYTgwYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG2gPnBYPq9C/8LG0s58Qy3HTw2H
GuVezC+5Y7lTAJCfNw2wiLuo5HBYf8aEhvAZslbifksgrl1ZDcekIhmrPj+h/vox
bTMX2GdpKhj8b0aY0BDoFGWEjJPeruch2fOYzwougF9zZ0DXDuZCc/TwjZDAR2y3
VF15xyRRPLHP+zpYLYqZkia9uZP420mTxlbetaw8WpCllMSF/Nit/KhcH7kRqUDH
iEc5S+zz0vYLr6iKWdXZ97EF0eNl/QBQY6r+xMRwt8ZxmGIhu4xgUfh2P0oCd70N
0+QVhGSlyJyQUxZ89uSLkE2txGkPxz2Qx2DR+gPI3Ww1aPxc8SM1ZvuaPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHq64tyZXjhEiBpjHexCYStPqAtyMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvZXJyaTNKbGVPRVNJR21NZDdFSmhLMC1vQzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYXTMA0G
CSqGSIb3DQEBCwUAA4IBAQAiPFg7PVRHd6wOLz/QmdMEkYPIq722Fma1PP4731HQ
hHK6093RrjLOo//1H1SxcH+VwRrRvCAct+BVWBFX3C02vtCLQngEGH4CN4OGAs9d
19cbwrMO2AnWkr+ZxKbU79I55VY0skzCx7yRT/mJptH1kUbhiPtZCR02Dm/1TX65
J7JpRIIty0LexOgo7y1CDExCoua8/GXC6WWxuDTnH7YsaEgXXI0D8GFu7ObOt+CY
gU9OPggs8u9GpLpVCkCvtuT4ALg27K6g1YPMoYlTEsxDe0F77RaDKTMHmHBPCPNr
JTD31xQ08x/u9TolAelSGKH4kGxAzGqhsNrBzxIgPy2Z
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:16 2024 by rpki-client on console-fra.rpki-client.org